Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/BDV5h-uf036rT8MfxntggzJDzk8.roa
File: BDV5h-uf036rT8MfxntggzJDzk8.roa (raw, json)
Hash identifier: AsJGU1Ra6YyFB2JUcIMbGcIplRsSDPkmgO4Z5bENLHY=
Subject key identifier: 04:35:79:87:EB:9F:D3:7E:AB:4F:C3:1F:C6:7B:60:83:32:43:CE:4F
Certificate issuer: /CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Certificate serial: 018CC3490C33D982DDA153AEFFFABBCA0E94
Authority key identifier: 5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/BDV5h-uf036rT8MfxntggzJDzk8.roa
Signing time: Mon 01 Jan 2024 04:29:53 +0000
ROA not before: Mon 01 Jan 2024 04:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3549
IP address blocks: 2a06:6540:30c1::/48 maxlen: 48
2a06:6540:3041::/48 maxlen: 48
2a06:6540:2041::/48 maxlen: 48
2a06:6540:3081::/48 maxlen: 48
2a06:6540:3101::/48 maxlen: 48
2a06:6541:3002::/48 maxlen: 48
2a06:6540:3002::/48 maxlen: 48
2a06:6541:3041::/48 maxlen: 48
2a06:6541:30c1::/48 maxlen: 48
2a06:6541:3101::/48 maxlen: 48
2a06:6541:2041::/48 maxlen: 48
2a06:6541:3081::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0c:33:d9:82:dd:a1:53:ae:ff:fa:bb:ca:0e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ac466cc89f9db4e31c5400d2ae7a2bffdb22547
Validity
Not Before: Jan 1 04:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04357987eb9fd37eab4fc31fc67b60833243ce4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a9:af:cd:68:54:a7:95:5a:bb:a8:8d:55:10:
5a:69:75:b1:08:8b:fc:d9:a8:b0:83:cb:2c:0f:e0:
3a:79:15:0d:eb:ff:04:1b:10:25:c3:71:a6:06:c6:
be:74:4d:03:92:ec:fd:18:2d:78:c4:6c:6f:a3:83:
43:96:6f:67:fb:98:51:b2:25:e9:43:53:da:7f:88:
ae:ee:7a:9f:0c:01:f0:8e:9d:67:6b:1e:78:30:b1:
9e:64:23:ec:2a:a2:69:dd:b6:79:59:09:74:ab:17:
ef:e5:67:46:af:16:f5:67:1d:64:a5:b9:c1:b6:23:
d1:d1:95:12:b7:06:eb:8a:bc:76:18:cd:cf:56:14:
59:63:dd:84:15:fe:a3:01:d6:ce:e3:0c:fe:0b:f6:
cc:6c:3f:2b:33:56:5f:20:0c:06:9b:cf:77:af:51:
69:15:59:b8:c9:b8:b3:bb:89:1c:d3:de:61:dc:5e:
e1:e7:52:40:60:c4:a4:f2:47:d4:92:5c:b4:67:01:
f1:f5:e1:ef:f4:ff:49:35:ce:2c:8e:34:04:91:52:
f8:1a:e0:59:42:8d:f1:25:62:20:1c:28:4a:ea:2a:
85:62:36:3b:4c:8d:b0:e9:02:f7:6b:99:c6:0e:f6:
6c:72:43:7d:42:76:53:51:3f:40:e4:4c:28:b9:49:
5f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:35:79:87:EB:9F:D3:7E:AB:4F:C3:1F:C6:7B:60:83:32:43:CE:4F
X509v3 Authority Key Identifier:
keyid:5A:C4:66:CC:89:F9:DB:4E:31:C5:40:0D:2A:E7:A2:BF:FD:B2:25:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WsRmzIn5204xxUANKueiv_2yJUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/BDV5h-uf036rT8MfxntggzJDzk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e29c87-4683-443e-883f-9abd1aa64be1/1/WsRmzIn5204xxUANKueiv_2yJUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:6540:2041::/48
2a06:6540:3002::/48
2a06:6540:3041::/48
2a06:6540:3081::/48
2a06:6540:30c1::/48
2a06:6540:3101::/48
2a06:6541:2041::/48
2a06:6541:3002::/48
2a06:6541:3041::/48
2a06:6541:3081::/48
2a06:6541:30c1::/48
2a06:6541:3101::/48
Signature Algorithm: sha256WithRSAEncryption
38:5e:fc:7d:aa:86:90:45:78:4d:b0:01:e9:ab:40:77:bb:94:
51:0a:7d:45:d0:be:6b:31:1a:27:39:26:a3:b5:ab:97:7f:7f:
ec:7a:cc:01:fa:77:71:f1:b5:ab:61:6e:1b:91:5b:69:c6:01:
35:8a:8f:35:39:b2:10:39:f7:87:e1:cb:a7:ef:f7:a3:52:3b:
f9:d6:cd:4b:c1:45:a3:53:92:c4:54:e3:85:3a:ae:fc:00:81:
41:eb:cd:fc:f7:8b:6a:db:b6:98:6f:c8:94:15:4d:b6:10:aa:
db:b2:e4:e4:7a:d0:32:9c:3d:c8:8b:e7:d4:2d:2f:78:56:8a:
10:28:34:29:ef:a3:ea:18:bc:7b:7e:b7:e1:a7:f4:d5:9a:82:
17:dc:47:cb:ea:6f:6f:9d:d5:13:d4:8c:85:d1:50:3b:e5:bd:
d7:10:f0:76:e6:5a:fb:25:c6:c1:7d:f8:03:51:a5:0e:7f:41:
79:2c:29:40:c7:92:33:e0:64:8a:ec:03:02:37:c4:9b:35:59:
2c:07:e9:df:58:4c:ba:ec:2f:64:ce:df:e8:f9:53:c3:bb:6b:
49:7b:8f:7a:f2:39:45:3f:26:65:bc:b4:b1:d3:84:dd:de:65:
28:c0:37:51:47:40:fc:7a:d4:58:48:f9:ec:5a:50:bb:45:94:
f5:32:f2:cf
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYzDSQwz2YLdoVOu//q7yg6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhYzQ2NmNjODlmOWRiNGUzMWM1NDAwZDJhZTdhMmJmZmRi
MjI1NDcwHhcNMjQwMTAxMDQyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM1Nzk4N2ViOWZkMzdlYWI0ZmMzMWZjNjdiNjA4MzMyNDNjZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKmvzWhUp5Vau6iNVRBaaXWxCIv8
2aiwg8ssD+A6eRUN6/8EGxAlw3GmBsa+dE0Dkuz9GC14xGxvo4NDlm9n+5hRsiXp
Q1Paf4iu7nqfDAHwjp1nax54MLGeZCPsKqJp3bZ5WQl0qxfv5WdGrxb1Zx1kpbnB
tiPR0ZUStwbrirx2GM3PVhRZY92EFf6jAdbO4wz+C/bMbD8rM1ZfIAwGm893r1Fp
FVm4ybizu4kc095h3F7h51JAYMSk8kfUkly0ZwHx9eHv9P9JNc4sjjQEkVL4GuBZ
Qo3xJWIgHChK6iqFYjY7TI2w6QL3a5nGDvZsckN9QnZTUT9A5EwouUlfdQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFAQ1eYfrn9N+q0/DH8Z7YIMyQ85PMB8GA1UdIwQY
MBaAFFrEZsyJ+dtOMcVADSrnor/9siVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2Yt
OWFiZDFhYTY0YmUxLzEvQkRWNWgtdWYwMzZyVDhNZnhudGdnekpEems4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMjljODctNDY4My00NDNlLTg4M2YtOWFiZDFhYTY0YmUx
LzEvV3NSbXpJbjUyMDR4eFVBTkt1ZWl2XzJ5SlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAIwbAMHACoGZUAg
QQMHACoGZUAwAgMHACoGZUAwQQMHACoGZUAwgQMHACoGZUAwwQMHACoGZUAxAQMH
ACoGZUEgQQMHACoGZUEwAgMHACoGZUEwQQMHACoGZUEwgQMHACoGZUEwwQMHACoG
ZUExATANBgkqhkiG9w0BAQsFAAOCAQEAOF78faqGkEV4TbAB6atAd7uUUQp9RdC+
azEaJzkmo7Wrl39/7HrMAfp3cfG1q2FuG5FbacYBNYqPNTmyEDn3h+HLp+/3o1I7
+dbNS8FFo1OSxFTjhTqu/ACBQevN/PeLatu2mG/IlBVNthCq27Lk5HrQMpw9yIvn
1C0veFaKECg0Ke+j6hi8e3634af01ZqCF9xHy+pvb53VE9SMhdFQO+W91xDwduZa
+yXGwX34A1GlDn9BeSwpQMeSM+BkiuwDAjfEmzVZLAfp31hMuuwvZM7f6PlTw7tr
SXuPevI5RT8mZby0sdOE3d5lKMA3UUdA/HrUWEj57FpQu0WU9TLyzw==
-----END CERTIFICATE-----
Generated at Thu May 2 04:37:37 2024 by rpki-client on console-fra.rpki-client.org